<?php
/*!
 * Theme Name:One Nav
 * Theme URI:https://www.iotheme.cn/
 * Author:iowen
 * Author URI:https://www.iowen.cn/
 */
if ( ! defined( 'ABSPATH' ) ) { exit; }

add_action('wp_ajax_post_star','post_star_users_callback'); 
add_action('wp_ajax_nopriv_post_star','post_star_users_callback');
function post_star_users_callback(){ 
    $user = wp_get_current_user();
    if(!$user->ID) {
        error('{"status":2,"msg":"请先登录才能收藏哦!"}'); 
    } 
    if (!wp_verify_nonce($_POST['ticket'],"post_star_nonce")){
        error('{"status":3,"msg":"'.__('对不起!您没有通过安全检查','i_theme').'"}',true);
    }
    $post_id = absint($_POST["post_id"]); 
    $post_type = esc_sql($_POST["post_type"]); 
    $delete = isset($_POST["delete"])?absint($_POST["delete"]):0;  //1 为执行删除
    if(!$post_id) {
        error('{"status":4,"msg":"文章 id 错误"}');  
    } 

    $star_user_ids = array_unique(get_post_meta( $post_id, "io_{$post_type}_star_users", false));
    if(in_array($user->ID, $star_user_ids)) {
        if($delete){  
            if(delete_post_meta($post_id, "io_{$post_type}_star_users", $user->ID)) {// io_post_star_users 不唯一, 必须提供第三个参数, 否则该文章下的io_post_star_users的meta全部被删除
                error('{"status":1,"msg":"取消收藏成功","count":"'.(count($star_user_ids)-1).'"}');
            }else{
                error('{"status":4,"msg":"取消收藏失败！！！"}'); 
            }
        }
        error('{"status":1,"msg":"收藏成功","count":"'.count($star_user_ids).'"}');  
    }else{ 
        if($delete){
            error('{"status":4,"msg":"操作异常！！！"}'); 
        }
        $add = add_post_meta($post_id, "io_{$post_type}_star_users", $user->ID); //  io_post_star_users 不唯一
        if($add) {
            error('{"status":1,"msg":"收藏成功","count":"'.(count($star_user_ids)+1).'"}');  
        }else{
            error('{"status":4,"msg":"收藏失败！！！"}');  
        }
    }
} 

//修改用户信息
add_action('wp_ajax_nopriv_change_profile', 'change_profile_callback');  
add_action('wp_ajax_change_profile', 'change_profile_callback');
function change_profile_callback(){ 
    if (!wp_verify_nonce($_POST['_wpnonce'],'change_profile')){
        error('{"status":2,"msg":"'. '对不起!您没有通过安全检查' .'"}');
    }
    $user = wp_get_current_user();
    if(!$user->ID) {
        error('{"status":2,"msg":"非法请求!"}'); 
    } 
    $avatar_type = isset($_POST['avatar'])?esc_sql($_POST['avatar']):'custom';
    $nickname = str_replace(array('<','>','&','"','\'','#','^','*','_','+','$','?','!'), '', esc_sql($_POST['mm_name'])); 
    $userdata = array();
    $userdata['ID'] = $user->ID;
    //if(!get_user_meta($userdata['ID'], 'email_status'))
    //    error('{"status":3,"msg":"'. '请先验证邮箱！' .'"}');
    $userdata['nickname'] = $nickname;
    $userdata['display_name'] = $nickname; 
    $userdata['user_url'] = esc_sql($_POST['mm_url']);
    $userdata['description'] = esc_sql($_POST['mm_desc']);
    
    update_user_meta($userdata['ID'], 'avatar_type', $avatar_type);
    wp_update_user($userdata);
    error('{"status":1,"msg":"资料修改成功！"}');
    
}

//验证邮箱
add_action('wp_ajax_nopriv_get_email_token', 'get_email_token_callback');  
add_action('wp_ajax_get_email_token', 'get_email_token_callback');
function get_email_token_callback(){  
    if(!session_id()) @session_start();
    date_default_timezone_set('Asia/Shanghai');
    //重置短信验证码
    $_SESSION["mailtoken"]=mt_rand(100000,999999);
    $user_email = isset($_POST['mm_mail']) ? addslashes(trim($_POST['mm_mail'])) : '';//发送到的用户名 
    if(email_exists($user_email))
        error('{"status":3,"msg":"'. '此邮箱已存在！' .'"}');
    $result=io_mail($user_email,'['.get_bloginfo('name').']'.'邮箱验证码','您的邮箱验证码是: '.$_SESSION['mailtoken'],true);
    if($result){
        $_SESSION['newmail'] = $user_email; 
        error('{"status":1,"msg":"'. '邮箱验证码发送成功，请前往邮箱查看！' .'"}');
    }else{
        error('{"status":3,"msg":"'. '发送验证码失败，请稍后再尝试。' .'"}');
    }   
}

//修改用户密码
add_action('wp_ajax_nopriv_change_safe_info', 'change_safe_info_callback');  
add_action('wp_ajax_change_safe_info', 'change_safe_info_callback');
function change_safe_info_callback(){ 
    if (!wp_verify_nonce($_POST['change_safe'],'change_safe_info')){
        error('{"status":0,"msg":"'. '对不起!您没有通过安全检查' .'"}');
    } 
    $new_pass = esc_sql($_POST['mm_pass_new']);
    $new_pass2 = esc_sql($_POST['mm_pass_new2']);
    $userdata = array();
    $userid = wp_get_current_user()->ID;
    $userdata['ID'] = $userid;
    if($new_pass!=$new_pass2){ 
        error('{"status":2,"msg":"'. '两次输入的密码不同！' .'"}');
    }if(strlen($new_pass) < 6){
        error('{"status":2,"msg":"'. __( '密码长度至少6位!', 'i_theme' ) .'"}');
    }else{
        if($new_pass) 
            $userdata['user_pass'] = $new_pass;
        if(count($userdata)>1){
            wp_update_user($userdata);
            error('{"status":1,"msg":"'. '密码修改成功！' .'"}'); 
        }else{
            error('{"status":1,"msg":"'. '没用任何变更！' .'"}'); 
        }
    } 
}

//修改&验证用户邮箱
add_action('wp_ajax_nopriv_mail_bind', 'mail_bind_callback');  
add_action('wp_ajax_mail_bind', 'mail_bind_callback');
function mail_bind_callback(){ 
    if (!wp_verify_nonce($_POST['mail_nonce'],'mail_bind')){
        error('{"status":0,"msg":"'. '对不起!您没有通过安全检查' .'"}');
    } 
    $new_mail = esc_sql($_POST['mm_mail']);
    $mm_token = esc_sql($_POST['mm_token']);
    $userdata = array();
    $userid = wp_get_current_user()->ID;
    $userdata['ID'] = $userid;
    if(!$mm_token)
        error('{"status":2,"msg":"'. '请输入验证码！' .'"}');
    if(!$new_mail){ 
        error('{"status":2,"msg":"'. '邮箱不能为空！' .'"}');
    }else{
        if(isset($_SESSION['newmail']) && $_SESSION['newmail'] != $new_mail)
            error('{"status":3,"msg":"'. '邮箱怎么变了！' .'"}');
        if(!isset($_SESSION['mailtoken']) || $mm_token != $_SESSION['mailtoken'] )
            error('{"status":4,"msg":"'. '验证码不正确！' .'"}');
        $user_data = get_userdata( $userid );
        $email = $user_data->user_email; 
        if($email != $new_mail){
            if(email_exists($new_mail))
                error('{"status":3,"msg":"'. '此邮箱已存在！' .'"}');
            else{
                $userdata['user_email'] = esc_sql($_POST['mm_mail']);
            }
        } 
        if(count($userdata)>1){
            wp_update_user($userdata);
            update_user_meta($userid, 'email_status', 1);
            $_SESSION["mailtoken"]=mt_rand(10000,99999);
            error('{"status":1,"msg":"'. '邮箱修改成功！' .'"}'); 
        }else if(!get_user_meta($userid, 'email_status')){
            update_user_meta($userid, 'email_status', 1);
            $_SESSION["mailtoken"]=mt_rand(10000,99999);
            error('{"status":1,"msg":"'. '邮箱验证成功！' .'"}'); 
        }else{
            error('{"status":2,"msg":"'. '没用任何变更！' .'"}'); 
        }
    } 
}

//存储书签页设置
add_action('wp_ajax_nopriv_save_bookmark_set', 'save_bookmark_set_callback');  
add_action('wp_ajax_save_bookmark_set', 'save_bookmark_set_callback');
function save_bookmark_set_callback(){ 
    if (!wp_verify_nonce($_POST['_wpnonce'],'bookmark_set')){
        error('{"status":0,"msg":"'. '对不起!您没有通过安全检查' .'"}');
    } 
    $key =  absint(base64_io_decode($_POST['key']));
    $userid = wp_get_current_user()->ID;
    if($key != $userid){
        error('{"status":2,"msg":"'. '无权修改！' .'"}');
    }
    $share_bookmark = isset($_POST['share-bookmark'])?1:0;
    $hide_title     = isset($_POST['hide-title'])?1:0;
    $is_go          = isset($_POST['is-go'])?1:0;
    $sites_title    = esc_sql($_POST['sites-title']);
    $quick_nav      = esc_sql($_POST['quick-nav']);
    $custom_img     = esc_sql($_POST['custom-img']);
    $bg             = esc_sql($_POST['bg']);

    $userdata = array(
        'share_bookmark'    => $share_bookmark,
        'hide_title'        => $hide_title,
        'is_go'             => $is_go,
        'sites_title'       => $sites_title,
        'quick_nav'         => $quick_nav,
        'bg'                => $bg,
        'custom_img'        => $custom_img,
    ); 
    update_user_meta($userid, 'bookmark_set', maybe_serialize($userdata));
    error('{"status":1,"msg":"'. '保存成功！' .'"}');
}
